usr/src/common/tsol/blabel.c

   1 /*
   2  * CDDL HEADER START
   3  *
   4  * The contents of this file are subject to the terms of the
   5  * Common Development and Distribution License (the "License").
   6  * You may not use this file except in compliance with the License.
   7  *
   8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
   9  * or http://www.opensolaris.org/os/licensing.
  10  * See the License for the specific language governing permissions
  11  * and limitations under the License.
  12  *
  13  * When distributing Covered Code, include this CDDL HEADER in each
  14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
  15  * If applicable, add the following below this CDDL HEADER, with the
  16  * fields enclosed by brackets "[]" replaced with your own identifying
  17  * information: Portions Copyright [yyyy] [name of copyright owner]
  18  *
  19  * CDDL HEADER END
  20  */
  21 /*
  22  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
  23  * Use is subject to license terms.
  24  */
  25
  26 #pragma ident   "%Z%%M% %I%     %E% SMI"
  27
  28 /*
  29  *      bl.c - Binary label operations for kernel and user.
  30  *
  31  *              These routines initialize, compare, set and extract portions
  32  *      of binary labels.
  33  */
  34
  35 #include <sys/tsol/label.h>
  36 #include <sys/tsol/label_macro.h>
  37
  38
  39 /*
  40  *      bltype - Check the type of a label structure.
  41  *
  42  *      Entry   label = Address of the label to check.
  43  *              type = Label type to check:
  44  *                      SUN_SL_ID = Sensitivity Label,
  45  *                      SUN_SL_UN = Undefined Sensitivity Label structure,
  46  *                      SUN_IL_ID = Information Label,
  47  *                      SUN_IL_UN = Undefined Information Label structure,
  48  *                      SUN_CLR_ID = Clearance, or
  49  *                      SUN_CLR_UN = Undefined Clearance structure.
  50  *
  51  *      Exit    None.
  52  *
  53  *      Returns True if the label is the type requested,
  54  *                      otherwise false.
  55  *
  56  *      Calls   BLTYPE.
  57  */
  58
  59 int
  60 bltype(const void *label, uint8_t type)
  61 {
  62
  63         return (BLTYPE(label, type));
  64 }
  65
  66
  67 /*
  68  *      blequal - Compare two labels for Classification and Compartments set
  69  *                      equality.
  70  *
  71  *      Entry   label1, label2 = label levels to compare.
  72  *
  73  *      Exit    None.
  74  *
  75  *      Returns True if labels equal,
  76  *                      otherwise false.
  77  *
  78  *      Calls   BLEQUAL.
  79  */
  80
  81 int
  82 blequal(const m_label_t *label1, const m_label_t *label2)
  83 {
  84
  85         return (BLEQUAL(label1, label2));
  86 }
  87
  88
  89 /*
  90  *      bldominates - Compare two labels for Classification and Compartments
  91  *                      sets dominance.
  92  *
  93  *      Entry   label1, label2 = labels levels to compare.
  94  *
  95  *      Exit    None.
  96  *
  97  *      Returns True if label1 dominates label2,
  98  *                      otherwise false.
  99  *
 100  *      Calls   BLDOMINATES.
 101  */
 102
 103 int
 104 bldominates(const m_label_t *label1, const m_label_t *label2)
 105 {
 106
 107         return (BLDOMINATES(label1, label2));
 108 }
 109
 110
 111 /*
 112  *      blstrictdom - Compare two labels for Classification and Compartments
 113  *                      sets strict dominance.
 114  *
 115  *      Entry   label1, label2 = labels levels to compare.
 116  *
 117  *      Exit    None.
 118  *
 119  *      Returns True if label1 dominates and is not equal to label2,
 120  *                      otherwise false.
 121  *
 122  *      Calls   BLSTRICTDOM.
 123  */
 124
 125 int
 126 blstrictdom(const m_label_t *label1, const m_label_t *label2)
 127 {
 128
 129         return (BLSTRICTDOM(label1, label2));
 130 }
 131
 132
 133 /*
 134  *      blinrange - Compare a label's classification and compartments set to
 135  *                  be within a lower and upper bound (range).
 136  *
 137  *      Entry   label = label level to compare.
 138  *              range = level range to compare against.
 139  *
 140  *      Exit    None.
 141  *
 142  *      Returns True if label is within the range,
 143  *                      otherwise false.
 144  *
 145  *      Calls BLINRANGE.
 146  */
 147
 148 int
 149 blinrange(const m_label_t *label, const m_range_t *range)
 150 {
 151         return (BLDOMINATES((label), ((range)->lower_bound)) &&
 152             BLDOMINATES(((range)->upper_bound), (label)));
 153 }
 154
 155 /*
 156  * This is the TS8 version which is used in the kernel
 157  */
 158
 159 int
 160 _blinrange(const m_label_t *label, const brange_t *range)
 161 {
 162         return (BLINRANGE(label, range));
 163 }
 164
 165 #ifdef _KERNEL
 166 /*
 167  *      blinlset - Check if the label belongs to the set
 168  *
 169  *      Entry   label = label level to compare.
 170  *              lset = label set to compare against.
 171  *
 172  *      Exit    None.
 173  *
 174  *      Returns True if label is an element of the set,
 175  *                      otherwise false.
 176  *
 177  */
 178
 179 int
 180 blinlset(const m_label_t *label, const blset_t lset)
 181 {
 182         int i;
 183
 184         for (i = 0; i < NSLS_MAX; i++) {
 185                 if (!BLTYPE(&lset[i], SUN_SL_ID))
 186                         return (B_FALSE);
 187                 if (BLEQUAL(label, &lset[i]))
 188                         return (B_TRUE);
 189         }
 190         return (B_FALSE);
 191 }
 192 #endif /* _KERNEL */
 193
 194
 195 /*
 196  *      blmaximum - Least Upper Bound of two levels.
 197  *
 198  *      Entry   label1, label2 = levels to bound.
 199  *
 200  *      Exit    label1 replaced by the LUB of label1 and label2.
 201  *
 202  *      Returns None.
 203  *
 204  *      Calls   BLMAXIMUM.
 205  */
 206
 207 void
 208 blmaximum(m_label_t *label1, const m_label_t *label2)
 209 {
 210
 211         BLMAXIMUM(label1, label2);
 212 }
 213
 214
 215 /*
 216  *      blminimum - Greatest Lower Bound of two levels.
 217  *
 218  *      Entry   label1, label2 = levels to bound.
 219  *
 220  *      Exit    label1 replaced by the GLB of label1 and label2.
 221  *
 222  *      Returns None.
 223  *
 224  *      Calls   BLMINIMUM.
 225  */
 226
 227 void
 228 blminimum(m_label_t *label1, const m_label_t *label2)
 229 {
 230
 231         BLMINIMUM(label1, label2);
 232 }
 233
 234
 235 /*
 236  *      bsllow - Initialize an admin_low Sensitivity Label.
 237  *
 238  *      Entry   label = Sensitivity Label structure to be initialized.
 239  *
 240  *      Exit    label = Initialized to the admin_low Sensitivity Label.
 241  *
 242  *      Returns None.
 243  *
 244  *      Calls   BSLLOW.
 245  */
 246
 247 void
 248 bsllow(bslabel_t *label)
 249 {
 250
 251         BSLLOW(label);
 252 }
 253
 254
 255 /*
 256  *      bslhigh - Initialize an admin_high Sensitivity Label.
 257  *
 258  *      Entry   label = Sensitivity Label structure to be initialized.
 259  *
 260  *      Exit    label = Initialized to the admin_high Sensitivity Label.
 261  *
 262  *      Returns None.
 263  *
 264  *      Calls   BSLHIGH.
 265  */
 266
 267 void
 268 bslhigh(bslabel_t *label)
 269 {
 270
 271         BSLHIGH(label);
 272 }
 273
 274 /*
 275  *      bclearlow - Initialize an admin_low Clearance.
 276  *
 277  *      Entry   clearance = Clearnace structure to be initialized.
 278  *
 279  *      Exit    clearance = Initialized to the admin_low Clearance.
 280  *
 281  *      Returns None.
 282  *
 283  *      Calls   BCLEARLOW.
 284  */
 285
 286 void
 287 bclearlow(bclear_t *clearance)
 288 {
 289
 290         BCLEARLOW(clearance);
 291 }
 292
 293
 294 /*
 295  *      bclearhigh - Initialize an admin_high Clearance.
 296  *
 297  *      Entry   clearance = Clearance structure to be initialized.
 298  *
 299  *      Exit    clearance = Initialized to the admin_high Clearance.
 300  *
 301  *      Returns None.
 302  *
 303  *      Calls   BCLEARHIGH.
 304  */
 305
 306 void
 307 bclearhigh(bclear_t *clearance)
 308 {
 309
 310         BCLEARHIGH(clearance);
 311 }
 312
 313 /*
 314  *      bslundef - Initialize an undefined Sensitivity Label.
 315  *
 316  *      Entry   label = Sensitivity Label structure to be initialized.
 317  *
 318  *      Exit    label = Initialized to undefined Sensitivity Label.
 319  *
 320  *      Returns None.
 321  *
 322  *      Calls   BSLUNDEF.
 323  */
 324
 325 void
 326 bslundef(bslabel_t *label)
 327 {
 328
 329         BSLUNDEF(label);
 330 }
 331
 332
 333 /*
 334  *      bclearundef - Initialize an undefined Clearance.
 335  *
 336  *      Entry   clearance = Clearance structure to be initialized.
 337  *
 338  *      Exit    clearance = Initialized to undefined Clearance.
 339  *
 340  *      Returns None.
 341  *
 342  *      Calls   BCLEARUNDEF.
 343  */
 344
 345 void
 346 bclearundef(bclear_t *clearance)
 347 {
 348
 349         BCLEARUNDEF(clearance);
 350 }
 351
 352
 353 /*
 354  *      setbltype - Set the type of a label structure.
 355  *
 356  *      Entry   label = Address of the label to set.
 357  *              type = Label type to set:
 358  *                      SUN_SL_ID = Sensitivity Label,
 359  *                      SUN_SL_UN = Undefined Sensitivity Label structure,
 360  *                      SUN_IL_ID = Information Label,
 361  *                      SUN_IL_UN = Undefined Information Label structure,
 362  *                      SUN_CLR_ID = Clearance, or
 363  *                      SUN_CLR_UN = Undefined Clearance structure.
 364  *
 365  *      Exit    label = Type set to specified type.
 366  *
 367  *      Returns None.
 368  *
 369  *      Calls   SETBLTYPE.
 370  */
 371
 372 void
 373 setbltype(void *label, uint8_t type)
 374 {
 375
 376         SETBLTYPE(label, type);
 377 }
 378
 379 /*
 380  * Returns B_TRUE if the label is invalid (initialized to all zeros).
 381  */
 382 boolean_t
 383 bisinvalid(const void *label)
 384 {
 385         return (GETBLTYPE(label) == SUN_INVALID_ID);
 386 }